Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bbbb52e1-06f0-499b-bffa-3c9225740b4b/8d3c00537bfe48b8ea44372fb138e63f27439c2b.roa
File:                     8d3c00537bfe48b8ea44372fb138e63f27439c2b.roa (raw, json)
Hash identifier:          RjLEH0KVJo903VlG/VBVe9xRvLOEmErAuLOIoNURv2Q=
Subject key identifier:   61:A0:CD:28:6F:92:ED:B2:16:6A:96:CC:A1:C9:54:7E:D3:AC:31:27
Certificate issuer:       /CN=6efa4d53a9a2c33a3fe7585233f9d4d4c10ff669
Certificate serial:       2019F7
Authority key identifier: 8F:72:71:5B:AE:6B:CC:AB:62:1F:27:32:6C:82:80:01:F5:31:84:FC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6efa4d53a9a2c33a3fe7585233f9d4d4c10ff669.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bbbb52e1-06f0-499b-bffa-3c9225740b4b/8d3c00537bfe48b8ea44372fb138e63f27439c2b.roa
Signing time:             Mon 26 Jun 2023 01:08:28 +0000
ROA not before:           Sun 25 Jun 2023 01:08:27 +0000
ROA not after:            Thu 26 Jun 2025 01:08:27 +0000
asID:                     23470
IP address blocks:        45.164.23.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/bbbb52e1-06f0-499b-bffa-3c9225740b4b/6efa4d53a9a2c33a3fe7585233f9d4d4c10ff669.crl
                          rsync://repository.lacnic.net/rpki/lacnic/bbbb52e1-06f0-499b-bffa-3c9225740b4b/6efa4d53a9a2c33a3fe7585233f9d4d4c10ff669.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6efa4d53a9a2c33a3fe7585233f9d4d4c10ff669.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 21:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2103799 (0x2019f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6efa4d53a9a2c33a3fe7585233f9d4d4c10ff669
        Validity
            Not Before: Jun 25 01:08:27 2023 GMT
            Not After : Jun 26 01:08:27 2025 GMT
        Subject: CN=8d3c00537bfe48b8ea44372fb138e63f27439c2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d1:6d:51:5a:5e:7e:c2:2d:ca:bb:12:7a:04:
                    e2:6c:fd:86:30:93:dd:82:56:f0:6d:cf:31:26:1c:
                    f0:6a:94:c3:2c:07:4d:d9:d2:da:e9:a8:b1:d5:5a:
                    e7:f9:01:6e:31:de:d5:29:f7:5d:15:6f:59:3e:a5:
                    79:c1:33:56:a6:ae:4d:13:e0:76:a7:84:b2:c8:a2:
                    a9:87:30:4a:0d:e3:b4:98:0e:0a:30:4d:68:16:63:
                    d3:8e:53:49:02:ac:5d:bb:d8:53:b0:d3:ef:3b:71:
                    6f:b1:0f:10:dd:17:fd:ff:88:8e:57:9d:08:f3:76:
                    71:ed:51:25:16:f1:51:11:f3:ef:de:cc:1b:45:e0:
                    a6:8a:2d:ae:07:8f:80:32:13:45:3e:0a:cd:b1:d4:
                    fc:e2:3e:6e:39:4f:95:13:8c:7f:67:b9:64:2d:50:
                    35:43:7d:18:70:dc:68:fd:b2:6f:7f:91:df:57:38:
                    36:5e:45:5b:4b:37:9e:4e:bc:97:7e:41:73:bb:fe:
                    3e:fa:54:9c:d8:49:fe:60:dc:52:b9:0c:07:cb:7d:
                    a9:de:28:21:64:32:b1:af:f6:c5:b0:a4:8b:8a:70:
                    16:bc:05:8f:31:00:78:5b:14:16:a9:c8:cc:4d:55:
                    2f:00:0a:47:52:81:a6:33:49:36:c5:41:df:4c:57:
                    32:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:A0:CD:28:6F:92:ED:B2:16:6A:96:CC:A1:C9:54:7E:D3:AC:31:27
            X509v3 Authority Key Identifier:
                keyid:8F:72:71:5B:AE:6B:CC:AB:62:1F:27:32:6C:82:80:01:F5:31:84:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6efa4d53a9a2c33a3fe7585233f9d4d4c10ff669.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bbbb52e1-06f0-499b-bffa-3c9225740b4b/8d3c00537bfe48b8ea44372fb138e63f27439c2b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bbbb52e1-06f0-499b-bffa-3c9225740b4b/6efa4d53a9a2c33a3fe7585233f9d4d4c10ff669.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.164.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:f7:e6:d5:3f:dc:1f:fa:ee:f0:15:7f:b8:39:ad:dd:c5:12:
         87:fe:b3:c7:b0:07:0f:57:f1:27:39:2a:8b:fb:91:7b:9b:ca:
         9d:14:c7:8d:1d:9b:d9:2e:f4:86:76:4a:04:b4:ae:22:83:4e:
         5c:a8:ca:fa:57:b3:6b:87:09:5a:8b:56:e7:cc:30:c5:2f:1b:
         ad:76:e4:af:ba:47:33:4f:b3:8e:8c:e3:5a:19:b5:04:0b:b9:
         26:56:55:00:de:d5:65:8b:93:a0:c7:1a:ec:b9:b3:b7:e7:6a:
         3d:da:ca:9d:a7:03:91:d3:ee:f2:0a:9f:e8:a5:60:e0:01:a7:
         00:2b:8f:29:76:ea:8d:ef:24:99:71:fe:45:39:a2:fb:ec:a1:
         8a:2a:85:f3:4c:32:bc:be:31:5a:b2:61:86:d6:82:1d:b3:73:
         43:85:7d:d4:5c:4c:d3:ca:3c:c7:1d:b4:6a:21:6e:58:84:7b:
         86:37:c0:7e:fb:8a:ef:80:6a:e7:4a:f4:b3:1a:96:35:10:f3:
         8e:0c:18:68:59:78:c8:85:4f:48:46:bd:bc:41:a0:bd:16:c7:
         9d:ba:40:81:5d:4d:a9:8a:aa:d8:5c:6c:90:2f:e1:ca:a7:c1:
         ad:5b:43:b1:e1:2c:ce:82:ae:a9:6f:25:aa:d1:3d:cf:b6:e0:
         75:e1:c0:e2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIBn3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZl
ZmE0ZDUzYTlhMmMzM2EzZmU3NTg1MjMzZjlkNGQ0YzEwZmY2NjkwHhcNMjMwNjI1
MDEwODI3WhcNMjUwNjI2MDEwODI3WjAzMTEwLwYDVQQDEyg4ZDNjMDA1MzdiZmU0
OGI4ZWE0NDM3MmZiMTM4ZTYzZjI3NDM5YzJiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm9FtUVpefsItyrsSegTibP2GMJPdglbwbc8xJhzwapTDLAdN
2dLa6aix1Vrn+QFuMd7VKfddFW9ZPqV5wTNWpq5NE+B2p4SyyKKphzBKDeO0mA4K
ME1oFmPTjlNJAqxdu9hTsNPvO3FvsQ8Q3Rf9/4iOV50I83Zx7VElFvFREfPv3swb
ReCmii2uB4+AMhNFPgrNsdT84j5uOU+VE4x/Z7lkLVA1Q30YcNxo/bJvf5HfVzg2
XkVbSzeeTryXfkFzu/4++lSc2En+YNxSuQwHy32p3ighZDKxr/bFsKSLinAWvAWP
MQB4WxQWqcjMTVUvAApHUoGmM0k2xUHfTFcyewIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFGGgzShvku2yFmqWzKHJVH7TrDEnMB8GA1UdIwQYMBaAFI9ycVuua8yrYh8n
MmyCgAH1MYT8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNmVmYTRk
NTNhOWEyYzMzYTNmZTc1ODUyMzNmOWQ0ZDRjMTBmZjY2OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmJiYjUyZTEtMDZmMC00OTliLWJmZmEtM2M5MjI1
NzQwYjRiLzhkM2MwMDUzN2JmZTQ4YjhlYTQ0MzcyZmIxMzhlNjNmMjc0MzljMmIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYmJiNTJlMS0wNmYwLTQ5OWItYmZmYS0zYzky
MjU3NDBiNGIvNmVmYTRkNTNhOWEyYzMzYTNmZTc1ODUyMzNmOWQ0ZDRjMTBmZjY2
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC2kFzANBgkqhkiG9w0BAQsFAAOCAQEAWffm1T/cH/ru8BV/
uDmt3cUSh/6zx7AHD1fxJzkqi/uRe5vKnRTHjR2b2S70hnZKBLSuIoNOXKjK+lez
a4cJWotW58wwxS8brXbkr7pHM0+zjozjWhm1BAu5JlZVAN7VZYuToMca7Lmzt+dq
PdrKnacDkdPu8gqf6KVg4AGnACuPKXbqje8kmXH+RTmi++yhiiqF80wyvL4xWrJh
htaCHbNzQ4V91FxM08o8xx20aiFuWIR7hjfAfvuK74Bq50r0sxqWNRDzjgwYaFl4
yIVPSEa9vEGgvRbHnbpAgV1NqYqq2FxskC/hyqfBrVtDseEszoKuqW8lqtE9z7bg
deHA4g==
-----END CERTIFICATE-----
Generated at Sun Feb 25 00:06:05 2024 by rpki-client on console-ams.rpki-client.org